ret2libc blues? try "Prelink"...

Posted: 10 Feb 2018, 13:26
by n0ctilucient
Since libraries move around in memory, there is a performance penalty for resolution. This penalty increases for each additional library needing resolution. Prelinking reduces this penalty by resolving this linking in advance. Afterward, resolution only occurs if the libraries have changed since being prelinked, such as perhaps following an upgrade.

...prelink will (when run with the "-R" option) randomly select the address base that libraries are loaded at. This makes it more difficult to perform a return-to-libc attack on the system, because the addresses used are unique to that system.

see... Prelink: Linux
Package is @... http://slakfinder.org/index.php?act=sea ... e=#results

Mileage may vary... this tactic is best used with Musl (which in the event of a "leaking" exploit is immune to Return-to-libc attack).

Personally speaking... I like to use the -a -f -R parameters.
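A check that goes with the post's claim about prelink -R: whether a library's load base actually changes between processes on the box. The script below is an added example, not code from the post or from the prelink project. It parses /proc/PID/maps-style text and compares the base of each file-backed library across runs; the maps excerpts embedded in it are constructed for illustration (the addresses and inode numbers are made up), and `live_library_bases()` is an assumption about a Linux host with /proc mounted. Note the caveat this makes visible: prelink -R picks one base per system, so a prelinked library will show the same base across runs on the same machine and be reported as "not randomized" here, even though that base differs from every other machine's; only per-process ASLR shows up as a changing base.

```python
import re
from typing import Dict, List

# Constructed /proc/<pid>/maps excerpts from three hypothetical runs of the
# same program. Runs A and B have different library bases (per-process
# randomization); run C reuses A's bases (what a fixed, prelinked base looks like).
MAPS_RUN_A = """\
55d0a3c00000-55d0a3c01000 r--p 00000000 08:01 1310720 /usr/bin/cat
7f3b1c000000-7f3b1c022000 r--p 00000000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7f3b1c022000-7f3b1c1b7000 r-xp 00022000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7f3b1c3e0000-7f3b1c3e2000 r--p 00000000 08:01 2621441 /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
7ffd4a1e0000-7ffd4a201000 rw-p 00000000 00:00 0 [stack]
"""
MAPS_RUN_B = """\
5610f2a00000-5610f2a01000 r--p 00000000 08:01 1310720 /usr/bin/cat
7fa92e800000-7fa92e822000 r--p 00000000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7fa92e822000-7fa92e9b7000 r-xp 00022000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7fa92ebe0000-7fa92ebe2000 r--p 00000000 08:01 2621441 /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
7ffc11ab0000-7ffc11ad1000 rw-p 00000000 00:00 0 [stack]
"""
MAPS_RUN_C = """\
55e1b7100000-55e1b7101000 r--p 00000000 08:01 1310720 /usr/bin/cat
7f3b1c000000-7f3b1c022000 r--p 00000000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7f3b1c022000-7f3b1c1b7000 r-xp 00022000 08:01 2621440 /lib/x86_64-linux-gnu/libc.so.6
7f3b1c3e0000-7f3b1c3e2000 r--p 00000000 08:01 2621441 /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
7ffe0c5f0000-7ffe0c611000 rw-p 00000000 00:00 0 [stack]
"""

# start-end perms offset dev inode [path]
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$"
)


def library_bases(maps_text: str) -> Dict[str, int]:
    """Return {path: load base} for every file-backed mapping in a maps dump.

    The load base is the start of the mapping with file offset 0; later
    segments of the same object (offset != 0) are ignored. Pseudo-mappings
    such as [stack] or [vdso] are skipped because they are not libraries.
    """
    bases: Dict[str, int] = {}
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue
        start, _end, _perms, offset, _dev, _inode, path = m.groups()
        if not path.startswith("/") or int(offset, 16) != 0:
            continue
        base = int(start, 16)
        bases[path] = min(bases.get(path, base), base)
    return bases


def randomized_libraries(runs: List[str]) -> Dict[str, bool]:
    """For each library present in every run, True if its base differed between runs.

    A False result on a machine where ASLR is otherwise active is the
    signature of a fixed base, e.g. a library loaded at its prelinked address.
    """
    per_run = [library_bases(r) for r in runs]
    common = set.intersection(*(set(b) for b in per_run))
    return {path: len({b[path] for b in per_run}) > 1 for path in sorted(common)}


def live_library_bases(pid: str = "self") -> Dict[str, int]:
    """Read a real /proc/<pid>/maps (assumes Linux with /proc; returns {} elsewhere)."""
    try:
        with open(f"/proc/{pid}/maps", "r", encoding="utf-8") as fh:
            return library_bases(fh.read())
    except OSError:
        return {}


if __name__ == "__main__":
    for name, runs in (("A vs B", [MAPS_RUN_A, MAPS_RUN_B]),
                       ("A vs C", [MAPS_RUN_A, MAPS_RUN_C])):
        print(name)
        for path, moved in randomized_libraries(runs).items():
            print(f"  {'randomized' if moved else 'FIXED BASE':>10}  {path}")
```

To use it on a real host, dump /proc/PID/maps for two separate runs of the same binary and pass the two texts to `randomized_libraries`; a library that keeps its base across runs is loading at a fixed address on that machine.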